McDonald’s Faces Scrutiny After AI Hiring Tool Breach Exposes Data of 64 Million Applicants
The breach was discovered in late June by security researchers Ian Carroll and Sam Curry during a review of McHire, McDonald’s AI-driven hiring platform, according to the CSO Online report. The tool, which uses an automated chatbot named Olivia to screen and engage applicants, had a flaw that made it possible to read applicants’ chat histories with the bot, the report says.
According to Carroll, the team noticed a login option labeled “Paradox team members” on McHire’s admin interface, which led them to try the default username and password combination “123456”. They were immediately logged in, not only to a test environment but also to real administrative dashboards containing live data, as reported by CSO Online.
Carroll said, “Although the app tries to force single sign-on (SSO) for McDonald’s, there is a smaller link for ‘Paradox team members’ that caught our eye,” as quoted in the report. Carroll revealed that, “Without much thought, we entered ‘123456’ as the password and were surprised to see we were immediately logged in!,” as quoted in the report.
Once inside, they found something more troubling: an internal API endpoint returned applicant data when given a predictable identifier, so changing that parameter in the request returned another applicant’s record, according to the report. This insecure direct object reference, or IDOR, meant they could view applicants’ personal data: chat transcripts with Olivia, names, email addresses, phone numbers, job application details, and even tokens that could let someone impersonate a candidate, as reported by CSO Online.

The researchers took a closer look at McHire after Reddit users began complaining that Olivia was giving strange or nonsensical responses, according to the report. The vulnerability was fixed by McDonald’s and Paradox.ai (Olivia’s creator) promptly after disclosure, CSO Online reported.
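The IDOR pattern the report describes, as an added illustration that is not McHire or Paradox.ai code and assumes nothing about their real API: a hypothetical `fetch_applicant_vulnerable` endpoint that only checks the caller is logged in, beside a hardened version that also checks the caller is entitled to that record, and an `enumerate_ids` helper showing why a predictable identifier makes the flaw trivially exploitable. All applicant records are constructed sample data.

```python
"""Hypothetical IDOR example added to this page (not McHire or Paradox.ai code).

Assumption: a lookup endpoint takes a predictable integer applicant ID and
returns that applicant's record. The vulnerable version checks only that
the caller is authenticated; the hardened version also checks ownership.
"""
from dataclasses import dataclass
from typing import Callable, Optional
import secrets


@dataclass(frozen=True)
class Applicant:
    applicant_id: int
    name: str
    email: str
    transcript: tuple  # chat turns with the screening bot


# Constructed sample data, not real applicant records.
APPLICANTS = {
    1001: Applicant(1001, "Applicant A", "a@example.invalid", ("Hi", "Which shifts can you work?")),
    1002: Applicant(1002, "Applicant B", "b@example.invalid", ("Hello", "Do you have a resume?")),
    1003: Applicant(1003, "Applicant C", "c@example.invalid", ("Hey", "Which location?")),
}


@dataclass(frozen=True)
class Session:
    """Who is making the request and which applicant records they own."""
    principal: str
    owned_applicant_ids: frozenset


class Forbidden(Exception):
    pass


def fetch_applicant_vulnerable(session: Session, applicant_id: int) -> Optional[Applicant]:
    """The IDOR: the only check is that the caller is logged in, so any
    authenticated session can read any record by supplying its ID."""
    if not session.principal:
        raise Forbidden("not authenticated")
    return APPLICANTS.get(applicant_id)


def fetch_applicant_hardened(session: Session, applicant_id: int) -> Optional[Applicant]:
    """Object-level authorization: the record must belong to the caller."""
    if not session.principal:
        raise Forbidden("not authenticated")
    if applicant_id not in session.owned_applicant_ids:
        # Answer exactly like "not found" so the endpoint does not reveal which IDs exist.
        return None
    return APPLICANTS.get(applicant_id)


def enumerate_ids(fetch: Callable[[Session, int], Optional[Applicant]],
                  session: Session, start: int, stop: int) -> list:
    """What an attacker does with a predictable parameter: walk the ID space
    and keep every ID for which the endpoint hands back a record."""
    found = []
    for candidate in range(start, stop):
        try:
            if fetch(session, candidate) is not None:
                found.append(candidate)
        except Forbidden:
            break
    return found


def new_public_reference() -> str:
    """Defense in depth: expose unguessable references instead of sequential
    integers so enumeration is impractical even if a check is missed.
    This supplements, and does not replace, the ownership check above."""
    return secrets.token_urlsafe(24)


if __name__ == "__main__":
    attacker = Session(principal="low-priv-account", owned_applicant_ids=frozenset({1001}))
    print("vulnerable endpoint, IDs readable:", enumerate_ids(fetch_applicant_vulnerable, attacker, 1000, 1010))
    print("hardened endpoint, IDs readable:  ", enumerate_ids(fetch_applicant_hardened, attacker, 1000, 1010))
```

The hardened version returns the same "not found" result for a record that exists but is not the caller's as for one that does not exist; a distinct "forbidden" answer would still let an attacker map out which identifiers are live.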
What Are Experts Saying About the Incident?
A senior manager for professional services consulting at Black Duck, Aditi Gupta, pointed out that, “The McDonald’s breach confirms that even sophisticated AI systems can be compromised by elementary security oversights,” and added, “The rush to deploy new technology must not compromise basic security principles. Organizations must prioritize fundamental security measures to ensure uncompromised trust in their software, especially for the increasingly regulated, AI-powered world,” as quoted in the report.
Desired Effect’s CEO Evan Dornbush highlighted that, “This incident is a prime example of what happens when organizations deploy technology without an understanding of how it works or how it can be operated by untrusted users,” adding that, “With AI systems handling millions of sensitive data points, organizations must invest in understanding and mitigating pre-emergent threats, or they’ll find themselves playing catch-up, with their customers’ trust on the line,” as quoted by the CSO Online report.
Rapid Response by McDonald’s and Paradox.ai
After the disclosure on June 30, Paradox.ai and McDonald’s acknowledged the vulnerability quickly; by July 1 the default credentials had been disabled and the endpoint secured, according to the report. Paradox.ai also said it would conduct further security audits, CSO Online reported.
Later, a Paradox staff member wrote on the company’s website, “We are confident that, based on our records, this test account was not accessed by any third party other than the security researchers,” and emphasised that “at no point was candidate information leaked online or made publicly available. Five candidates in total had information viewed because of this incident, and it was only viewed by the security researchers. This incident impacted one organization — no other Paradox clients were impacted,” as quoted by the CSO Online report.
Could the Exposed Data Be Used for Attacks?
Randolph Barr, chief information security officer at Cequence Security, warned that, “Even though there’s no indication the data has been used maliciously yet, the scale and sensitivity of the exposure could fuel targeted phishing, smishing/vishing, and even social engineering campaigns,” and added that, “Combined with AI tooling, attackers could craft incredibly personalized and convincing threats,” as quoted by CSO Online.
FAQs
What kind of data was exposed?
Applicant chat logs, contact details, job application responses, shift preferences, personality test results, and impersonation tokens were accessible.
How did the researchers access the system?
They used a publicly visible login labeled “Paradox team members” and guessed the default password “123456,” which gave them immediate access.